It sounds like a cool concept, but I can’t see anyone migrating to this service since there is no logical way to import your current passwords.
Am I missing something?
It sounds like a cool concept, but I can’t see anyone migrating to this service since there is no logical way to import your current passwords.
Am I missing something?
Often is probably a bad way to phrase it, but there is a reason TLS certificates are changed regularly. Generally this isn’t a big concern if you are the sole user and a set of known devices are used. Once you start handing passwords to others to use (such as is common in corporate environments) the problems being to show. Resetting the password is just a sure fire way to revoke access to anyone that may of had access that shouldn’t, for whatever reason.
You are correct though, that as long as the password isn’t being used on public terminals or in areas it might be compromised, it’s generally secure.